Port 5900 (TCP) — VNC Remote Desktop

Anatoly Oshmanovsky

Port 5900: VNC Remote Desktop

By Anatoly Oshmanovsky · Updated May 23, 2026

Key idea:

Port 5900 (TCP) is the standard for VNC Remote Desktop. Port 5900 — default for VNC (Virtual Network Computing). 5901-5905 for displays :1-:5. VNC protocol has no TLS encryption by default, password is limited to 8 bytes (DES). Shodan

Below: what uses this port, security considerations, online check, FAQ.

Try it now — free →

What runs on this port

VNC Remote Desktop

Port 5900 — default for VNC (Virtual Network Computing). 5901-5905 for displays :1-:5. VNC protocol has no TLS encryption by default, password is limited to 8 bytes (DES). Shodan finds millions of open VNC instances without auth.

Security considerations

VNC exposed on the internet = full desktop takeover. Always SSH tunnel (ssh -L 5900:localhost:5900 user@host). TigerVNC/RealVNC 6+ support TLS, but it is simpler to use Apache Guacamole or NoMachine with native auth.

Check this port online

Check port online →

Enterno.io Ping + Port checker tests TCP reachability of any port from 3 regions (Moscow / Frankfurt / Virginia).

Understanding VNC Remote Desktop Connections

Security Considerations for Port 5900

Practical Examples of Configuring VNC on Port 5900

ICMP PingHost availability and latency

Port ScannerOpen TCP port detection

LatencyResponse time in milliseconds

Packet LossPercentage of dropped packets

Why teams trust us

ICMP+TCP

check protocols

key ports scanned

<2s

result

regions

How it works

Enter IP or domain

ICMP packets sent

Latency & packet loss shown

How Do Ping and Port Scanning Work?

Ping sends ICMP packets to a host and measures response time. Port scanning checks which TCP ports are open and accepting connections — helping diagnose serviceavailability issues.

Configurable Ping

Choose packet count (3, 4, 6, 10). Stats: min/avg/max latency and packet loss.

Common Port Scanner

Check 14 key ports: HTTP, HTTPS, SSH, FTP, SMTP, MySQL, PostgreSQL, and more.

Cloud-Based Check

Testing from our server — see site availability from outside, not just your local network.

Uptime Monitoring

Need constant monitoring? Create a monitor — checks every minute with notifications.

Who uses this

DevOps

availability diagnosis

Network engineers

TCP port scanning

Developers

connection debugging

SRE

basic health check

Common Mistakes

❌

ICMP blocked = server is downMany servers block ICMP. Ping fails but site works — check ports instead.

❌

High ping = server problemLatency depends on geography. 150ms between continents is normal, not an error.

❌

Closed ports — cause for alarmClosed ports of unused services are good. Unnecessary open ports are a risk.

❌

One check = sufficientNetworks are unstable. A single timeout ≠ a problem. Check multiple times or set up monitoring.

Best Practices

✓

Combine ping and port checksPing shows host availability, ports show specific service availability. Use both.

✓

Check from different locationsThe problem may be local. A cloud test shows the real picture.

✓

Close unused portsEvery open port is a potential attack vector. Keep only necessary ports open.

✓

Set up monitoringManual checks do not scale. Set up automated monitoring with notifications.

Get more with a free account

Ping check history, host availability monitoring and downtime alerts.

Learn more

Ports

Frequently Asked Questions

Is port 5900 open by default?

No, modern cloud providers (AWS, Google Cloud, Yandex) close all incoming ports by default. You must explicitly allow port 5900 in a Security Group or firewall.

How to check if port 5900 is reachable?

Use <a href="/en/ping">Enterno Ping + Port Checker</a>. Or in shell: <code>nc -vz example.com 5900</code>.

Is port 5900 safe to expose?

Depends on the service. VNC Remote Desktop should never be exposed publicly without authentication + TLS. See <a href="/en/s/research-open-ports-exposure-2026">our 2026 exposure research</a>.

Try the live tool that powered this guide

Free plan — 20 monitors, 5-minute checks, no card required. Upgrade for 1-minute interval and multi-region monitoring.

Start free See pricing